SFTP to /bin/false account?

Derek Martin invalid at pizzashack.org
Mon Mar 15 23:35:00 EST 2004 

On Mon, Mar 15, 2004 at 09:22:26PM -0500, Cole Tuininga wrote:
> > Probably.  Are you running OpenSSH 3.4 or older?
> 
> Ayup.  On debian (mostly) woody.

Yucky.  With static compilation, rssh will be pretty reliable
security-wise, but it's a big mess of files. :(

> version.   This may just be because my test box is running a nasty
> combination of some glibc (and related) stuff from unstable and the 
> mostly comes from stable.  I tried it on a strictly stable box and
> didn't get the warning so I'm going to assume everything's hunky dory. 

That seems like reasonable assumption to me...

> Thanks for the help.

No problem.

Incidentally, I do actually have a new version that's more-or-less
ready to be released.  It fixes a couple of buglets that are clearly
not affecting you, or you'd have complained about it by now.  :)

But also of interest is that it adds support for limiting access to
cvs and/or rsync and/or rdist.  This allows you to use rssh on a
server which is intended to be a CVS server, but not allow shell
access, or to use rdist and/or rsync over ssh for archival purposes
without exposing the system to shell access to the back-up user.

The code is "done" basically, but I have not released it for 2
reasons:

  - I've been too lazy to set up rsync and rdist to test it thoroughly
    with those programs (cvs testing was completed).  I don't really
    use these programs much, so I don't know their syntax and
    configurations well.  I've used them before, but infrequently
    enough that I basically have to re-learn them every time...

  - There's an information gathering attack possible when using rssh
    with chroot jails.  This in no way allows a user to gain
    unauthorized shell access to the system.  But it does let them see
    what files exist outside the chroot jail, assuming their user on
    the remote system has permission to read the given directory.

Obviously, if you're not using chroot jails, and/or you don't care
about the users seeing what files exist on the target (i.e. you only
want to make sure they can't log in and muck with things), this last
problem is no problem at all for you.  I think that's probably true in
the majority of cases where rssh will be used, but some people will
definitely care.  Eventually, I want to fix this problem before I
release the 2.2 release.  I've been really lazy about that one, too.

But if you're interested in trying these features out, I can make the
code available...

> > RTFM...  :)
> 
> Ayup - didn't notice initially that it came with man pages.  I found
> them and things fell into place quick.  8)

Yeah, as Ben points out, lack of docs is a common problem.  Call me
old-fashioned, but I believe that if you're going to write software
for other people to use, it should be not difficult to discover how to
use it.  And it should work as advertised...  If you add up all the
docs in the source, and the web site, rssh has about as much
documentation as it has code.  That seems like a good ratio... ;-)

Actually, I agree with ESR: if the interface is designed well,
documentation is (usually) superfluous.  In this case, due to the
nature of the program, it's difficult to give it a nice interface
without writing a seperate GUI tool to handle the configuration.
The ability to give rssh different configurations for each user made
the config file parsing a little complicated...  Also setting up
chroot jails is a little complicated.  If not for these, the docs
would only need to be very minimal.

-- 
Derek D. Martin    http://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
-=-=-=-=-
Despite the ever-increasing complexities of human society and the advancement
of science and technology, the most perplexing problems that face most people
remain what to eat for lunch today, and who to sleep with tonight.
-=-=-=-=-
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail.  Sorry for the inconvenience.  Thank the spammers.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mail.gnhlug.org/mailman/private/gnhlug-discuss/attachments/20040315/50c6605e/attachment.bin

More information about the gnhlug-discuss mailing list